Chat now with support
Chat with Support

Binary Tree Migrator for Notes 20.11 - Installation and Configuration Guide

Section 1. Introduction Section 2. Installing Binary Tree Migrator for Notes Section 3. Setting Up the Migrator for Notes Domino Database Section 4. Configuring Settings in Migrator for Notes Appendix A: Preparing for Office 365 Migrations Appendix B: Preparing for Office 365 Modern Authentication Appendix C: Creating a Migration Farm Appendix D: Securing Notes Migrator Web Services with Windows Authentication

Verifying the Notes Migrator xml Server is Secured

During a default install of Notes Migrator, the web services are configured such that they are accessible via browser by anonymous users.  In situations that require web services to be secured, you can configure the web services to use Windows authentication.

The process for securing Notes Migrator web services includes:

  • Installing Notes Migrator (following the steps found in this guide).

  • Securing the CMT_XMLServer and CMTMonitor web sites in IIS.

  • Verifying the CMT_XMLServer and CMTMonitor sites are secured.

It is recommended that a secondary computer that is not part of the Active Directory domain or a user that is not part of the group being granted access to the web services be used to verify security is working correctly.  


Any workstation that will manage the data migration using the Notes Migrator.nsf Notes database must have CMTeService component installed, and must be logged in to an account that has access to the CMT XML server in IIS.

Enable Windows Authentication on CMT_XMLServer

  1. Expand Web services in the Internet Information Services (IIS) management console, and select the CMT_XMLServer site; open the Authentication options:

  1. Select Anonymous Authentication, and click Disable:

  1. In the Authentication options, select Windows Authentication, and click Enable:

(Optional) Disable Anonymous Access to the Root of the Web Server

  1. In the Authentication window, you can disable Anonymous access to the web server at this point.  Highlight Anonymous Authentication, and click Disable:

  1. Open a web browser, and access the web services page at http://servername/cmt_xmlserver/cmtxmlservice.asmx, where servername is the IP address or name of the system hosting the CMT XML server.  You should be prompted for credentials to use when accessing the site. Enter the user credentials in the form of “MyDomain\Username”.

 

Do not use a browser session on the MCC or localhost addresses when verifying security of the web services.  IIS treats localhost requests differently than pages containing an IP address or domain name.  In addition localhost is added to the ‘Trusted Sites’ section of Internet Explorer (IE) by default, so in typical configurations IE will automatically pass credentials to the web server.

  1. You should see the XML service page:

 

If you are logged in to the domain, and have your site listed as a ‘trusted site’ in Internet Explorer, you will see the web page without prompting for username and password. It is recommended that testing the security of the server be done without the xml server added as a trusted site. To check your configuration, open “Options” in internet explorer, click “Security”, highlight “Trusted sites”, and click on the “Sites” button.

  1. Open a web browser, and access the monitor page at http://servername/cmtmonitor, where servername is the IP address or name of the system hosting the CMT XML server.  You should be prompted for credentials to use when accessing the site. Enter the user credentials in the form of “MyDomain\Username”.

  1. You should see the Notes Migrator Monitor page.

 

 

 

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating